OAuth tools coming to Android through Google Play Store

Is the end nigh for endless passwords?

The tech, also used by Facebook and Twitter to allow users to connect with external apps and services, may eventually replace the need to type in multiple passwords for apps on Android devices.

The OAuth 2.0 tools, available for developers from the Google Play Store starting Thursday, will eventually allow users (on Android v2.2 and higher) access to many services, simply through their Google account password.

Access tokens

Once developers, whose apps require access to Google's APIs, have integrated the OAuth tools, it will enable "access tokens" to be sent between the device and the app.

This will replace the need for a user to create a new account or enter a complicated password, while also giving the service provider access to the user data it requires.

Users will then stay signed into that service, and then rely on the various types of password protection on the handset itself to stay secure, rather than an individual app password.

Too many passwords

The company said the driving force behind the tech is to trim the number of passwords each user has to remember and to remove the hassle of typing convoluted passwords on a virtual keyboard.

"The internet already has too many usernames and passwords, and they don't scale," wrote Tim Bray on the Android Developers Blog.

"Furthermore, your Android device has a strong notion of who you are. In this situation, the industry consensus is that OAuth 2.0 is a good choice for the job, offering the promise of strong security minus passwords."